Skip to content
Token/
Create token

Pay Station API (2.0)

Overview

  • Version: 2.0.0
  • Servers:
    • https://api.xsolla.com/api

Pay Station allows partners to monetize their products by providing users with a convenient UI to pay for in-game purchases in the game store. To set up opening the payment UI, refer to these instructions.

The Pay Station API provides the following groups of calls:

  • Token — includes the API call to generate a token with arbitrary user parameters for further payment processing via the payment UI.
  • Tokenization — includes API calls to securely process payments without opening the payment UI or involving the user.
  • Reports — includes API calls to return data on user transactions, generate reports, and get payouts breakdown by currency.
  • Refund — includes API calls to request full and partial refunds.
  • Testing — includes the API call to test the chargeback process.

You can find detailed information about configuring the payment UI in the Payments solution integration guide.

Note

You can also refer to the Xsolla Base API section in the Postman collection to test API calls used for integration.

Download OpenAPI description
index.json
index.yaml
Languages
Servers
https://api.xsolla.com/merchant/v2/
Mock server
https://xsolla.redocly.app/_mock/api/pay-station/

Token

Operations

Create token

Request

You can create a token with arbitrary user parameters. You send these parameters when obtaining the token and receive them back after a successful payment. A token can only contain parameters either described in this document or predefined by you.

If any parameter is sent in the wrong format or has the wrong type, no token will be issued. You will receive a 422 HTTP code with the error description in the JSON body. In extended_message you will receive an information what exact parameters have been sent incorrectly.

By default, the token lifetime is 24 hours. If you want to change this value, contact your Customer Success Manager or send an email to csm@xsolla.com. The new value will be enabled for all your company’s projects created in Publisher Account.

Notice

The token you obtain after calling this API method can be used only for authorizing other requests. You can use this token to open the payment UI only if you integrated the Subscriptions product.

To open the payment UI in a new window, use the following link: https://secure.xsolla.com/paystation4/?token={token}, where {token} is the received token.

For testing purposes, use this URL: https://sandbox-secure.xsolla.com/paystation4/?token={token}.

Notice

This API call does not contain the project_id path parameter, so you need to use the API key that is valid in all the company’s projects to set up authorization.

Security
basicAuth
Path
merchant_idintegerrequired

Merchant ID.

Bodyapplication/jsonrequired
userobject(user)

User details.

user.​idobject(id.user)required
user.​id.​valuestringrequired

Unique user ID in the game stored on your side. Make sure you pass the existing user ID. In case an error occurs, refer to the answers to the FAQs.

user.​emailobject(email.user)

The user.email object is an integral part of building anti-fraud models and helps increase acceptance rates. It is both Xsolla and payment systems requirement. If the parameter is not passed, the required field for entering email appears on the payment page. A user receives a purchase receipt to the email passed in the parameter or entered on the payment page.

user.​email.​valuestring<= 100 charactersrequired

User email. Must be valid according to the RFC 822 protocol.

user.​email.​allow_modifyboolean

Whether a user can enter their email in the payment UI. If the user.email.value parameter is passed in the token, the value is false by default.

user.​nameobject(name.user)
user.​name.​valuestring

User screen name.

user.​name.​allow_modifyboolean

Whether a user can enter their name in the payment UI. If the user.name.value parameter is passed in the token, the value is false by default.

user.​ageinteger(age.user)

User age.

user.​phoneobject or null(phone.user)
user.​phone.​valuestring

User phone number.

user.​countryobject(country.user)
user.​country.​valuestring

Two-letter uppercase country code per ISO 3166-1 alpha-2.

user.​country.​allow_modifyboolean

Whether a user can change the country on payment UI. If country.value is passed in the token, the value is false by default.

user.​attributesobject(attributes.user)

User attributes for filtering the item list, represented as a valid JSON set of key-value pairs.

user.​steam_idobject(steam_id.user)
user.​steam_id.​valuestring

Steam ID.

user.​tracking_idobject(tracking_id.user)
user.​tracking_id.​valuestring= 32 characters

Unique user ID — used in marketing campaigns. Can contain digits and Latin characters.

user.​public_idobject(public_id.user)
user.​public_id.​valuestring

Parameter that uniquely identifies the user and is known to the user (email, screen name, etc). Allows the user to make purchases outside the game store (e.g., via cash kiosks).

user.​utmobject(utm.user)

Traffic attributes.

user.​utm.​utm_sourcestring

Traffic source.

user.​utm.​utm_mediumstring

Traffic channel (contextual ads, media ads, email lists, etc.).

user.​utm.​utm_campaignstring

Campaign title, transliterated or translated to English.

user.​utm.​utm_termstring

Campaign keyword. If set, statistics will be based on the keywords used for ad targeting rather than on specific search queries. In Google Analytics, the specified utm_term is part of the general search terms report.

user.​utm.​utm_contentstring

Campaign content.

user.​is_legalboolean(is_legal.user)

Whether the user is a legal entity.

user.​legalobject(legal.user)

Object with legal entity details. Object and all its parameters are required if user.is_legal is true.

user.​legal.​namestring

Full legal name.

user.​legal.​addressstring

Full legal address.

user.​legal.​vat_idstring

Individual taxpayer identifier.

user.​legal.​countrystring

Country of incorporation. Two-letter uppercase country code per ISO 3166-1 alpha-2 is used.

settingsobject(settings)

Settings for configuring payment process and the payment UI for a user.

settings.​project_idinteger(project_id)required

Game’s Xsolla ID. Can be found in Publisher Account.

settings.​external_idstring(external_id)

Transaction ID in the game. Has to be unique for each user payment. Refer to documentation for detailed information.

settings.​languagestring(language)

Interface language. Two-letter lowercase language code.

settings.​return_urlstring(return_url)

URL of the page where a user is redirected to after the payment. Refer to documentation for detailed information about configuring redirects.

settings.​redirect_policyobject(redirect_policy)

Redirect policy settings.

settings.​redirect_policy.​redirect_conditionsstring

Payment status for which a user is redirected to the return URL. Can be none, successful, successful_or_canсeled, or any.

Enum"none""successful""successful_or_canceled""any"
settings.​redirect_policy.​delayinteger

Delay (in seconds) after which a user is automatically redirected to the return URL.

settings.​redirect_policy.​status_for_manual_redirectionstring

Payment status for which a button redirecting a user to the return URL is displayed. Can be none, successful, successful_or_canсeled, or any.

Enum"none""successful""successful_or_canceled""any"
settings.​redirect_policy.​manual_redirection_actionstring

Pay Station behavior triggered by the user clicking the close button or the Back to the Game button. Can be redirect (by default) and postmessage. If set to redirect, a user is redirected to the URL passed in the token or specified in Publisher Account. If set to postmessage, a user is not redirected to other pages. Clicking the close icon initiates sending the close event, and clicking the Back to the Game button — the return event.

Enum"redirect""postmessage"
settings.​redirect_policy.​redirect_button_captionstring

Text on the button for manual redirection.

settings.​redirect_policy.​show_redirect_countdownboolean

Whether to display a redirect countdown timer on the payment status page. The countdown duration is determined by the value passed in the settings.redirect_policy.delay parameter.

Default false
settings.​currencystring(currency)

Preferred payment currency. Three-letter currency code per ISO 4217.

settings.​modestring(mode.settings)

Set to sandbox to test out the payment process. In this case, use https://sandbox-secure.xsolla.com to access the test payment UI.

settings.​payment_methodinteger(payment_method)

Payment method ID.

settings.​payment_widgetstring(payment_widget)

Payment widget. Can be paybycash or giftcard. If the parameter is set, the user is redirected to the Pay by Cash or Gift Cards widget, respectively.

Enum"paybycash""giftcard"
settings.​uiobject(ui)

Interface settings.

settings.​ui.​themestring(theme.ui)

Payment UI theme. Can be 63295a9a2e47fab76f7708e1 for the light theme (default) or 63295aab2e47fab76f7708e3 for the dark theme. You can also create a custom theme and pass its ID in this parameter.

Enum"63295a9a2e47fab76f7708e1""63295aab2e47fab76f7708e3"
settings.​ui.​desktopobject(desktop.ui)

Interface settings for the desktop version.

settings.​ui.​desktop.​headerobject(header.desktop)

Header settings.

settings.​ui.​desktop.​header.​is_visibleboolean

Whether to show the header in the payment UI.

settings.​ui.​desktop.​header.​visible_logoboolean

If true, the logo is displayed in the header. To upload the image, open your project in Publisher Account and go to the Pay Station > Settings section.

settings.​ui.​desktop.​header.​visible_nameboolean

Whether to show the project name in the header.

settings.​ui.​desktop.​header.​visible_purchaseboolean

Whether to show the purchase description (purchase.description.value) in the header. true by default.

settings.​ui.​desktop.​header.​typestring

How to show the header. Can be compact (hides project name and user ID) or normal (default).

Enum"compact""normal"
settings.​ui.​desktop.​header.​close_buttonboolean

Whether to show the Close button in the payment UI. The button closes the payment UI and redirects the user to the URL specified in the settings.return_url parameter. false by default.

settings.​ui.​desktop.​header.​close_button_iconstring(close_button_icon)

The icon of the Close button in the payment UI.

Enum ValueDescription
arrow

The icon on the left side of the payment UI header.

cross

The × icon on the right side of the payment UI header.

settings.​ui.​desktop.​subscription_listobject(subscription_list.desktop)

Settings for the list of subscription plans.

settings.​ui.​desktop.​subscription_list.​descriptionstring

Any text to show above the list of available subscription plans in the payment UI.

settings.​ui.​desktop.​subscription_list.​display_local_priceboolean

If true, and if the user’s local currency is different from the one set for the subscription plan, the user will be able to see both prices: one in the local and one in the basic currency.

settings.​ui.​headerobject(header.ui)
settings.​ui.​header.​visible_virtual_currency_balanceboolean

Whether or not this element can be hidden on Payment UI. true by default.

settings.​ui.​mobileobject(mobile.ui)
settings.​ui.​mobile.​headerobject
settings.​ui.​mobile.​header.​close_buttonboolean

Whether to show a Close button in Pay Station mobile. The button closes Pay Station and redirects the user to the URL specified in the settings.return_url parameter. false by default.

settings.​ui.​mobile.​header.​close_button_iconstring(close_button_icon)

The icon of the Close button in the payment UI.

Enum ValueDescription
arrow

The icon on the left side of the payment UI header.

cross

The × icon on the right side of the payment UI header.

settings.​ui.​componentsobject(components)

Menu settings.

settings.​ui.​components.​virtual_itemsobject

Virtual items submenu settings.

settings.​ui.​components.​virtual_items.​orderinteger

Position of the submenu in the menu.

settings.​ui.​components.​virtual_items.​hiddenboolean

Whether to show the submenu.

settings.​ui.​components.​virtual_items.​selected_groupstring

Group to show after opening the virtual items tab.

settings.​ui.​components.​virtual_items.​selected_itemstring

Item to show after opening the virtual items tab (item SKU).

settings.​ui.​components.​virtual_currencyobject

Virtual currency submenu settings.

settings.​ui.​components.​virtual_currency.​custom_amountboolean

Whether the user can enter an arbitrary quantity of the virtual currency in the payment UI.

settings.​ui.​components.​virtual_currency.​orderinteger

Position of the submenu in the menu.

settings.​ui.​components.​virtual_currency.​hiddenboolean

Whether to show the submenu.

settings.​ui.​components.​subscriptionsobject

Subscription plans submenu settings.

settings.​ui.​components.​subscriptions.​orderinteger

Position of the submenu in the menu.

settings.​ui.​components.​subscriptions.​hiddenboolean

Whether to show the submenu.

settings.​ui.​modestring(mode.ui)

Display mode of the payment UI for managing saved payment methods. Can be set to user_account or omitted. In this mode, the user can only change the language, add new payment methods, and remove existing ones.

Note

When this parameter is passed, the redirect button is not displayed. To redirect a user after saving a payment method, configure automatic redirects.

settings.​ui.​is_prevent_external_link_openboolean(is_prevent_external_link_open)

Whether or not redirecting links to an external resource is disabled. false by default. When clicking an external link, the external-link-open event is sent via the postMessage mechanism. The address for the redirected link is passed in the url parameter.

settings.​ui.​is_payment_methods_list_modeboolean(is_payment_methods_list_mode)

Whether the list of payment methods available in the user’s country is displayed when opening the payment UI. If false (default), the payment method passed in the settings.payment_method parameter or the method selected by the PayRank algorithm is displayed.

settings.​ui.​is_independent_windowsboolean(is_independent_windows)

Whether to redirect users from the embedded launcher’s browser (WebView) to their default browser to make a purchase. false by default.

settings.​ui.​user_accountobject(user_account)

User account details.

settings.​ui.​user_account.​payment_accountsobject

Saved methods section.

settings.​ui.​user_account.​payment_accounts.​enableboolean

Specifies whether to display the pencil icon in the payment UI that goes to the payment method editing page. true by default.

settings.​ui.​user_account.​payment_accounts.​orderinteger>= 1

Position of the section in the drop-down list in the payment UI. Required if settings.ui.user_account.payment_accounts.enable is passed.

settings.​ui.​currency_formatstring(currency_format)

Set to code to display a three-letter ISO 4217 currency code in the payment UI. The currency symbol is displayed instead of the three-letter currency code by default.

settings.​ui.​is_show_close_widget_warningboolean(is_show_close_widget_warning)

Whether to show a warning about processing the transaction when hovering over the × icon before closing the payment page. If false is passed, or the parameter is not passed, the warning is not displayed. true by default.

settings.​ui.​layoutstring(layout)

Location of the main elements of the payment UI. You can open the payment UI inside your game and/or swap the columns with information about an order and payment methods. Refer to the customization instructions for detailed information.

Enum"embed""column_reverse""embed_column_reverse"
settings.​ui.​is_three_ds_independent_windowsboolean(is_three_ds_independent_windows)

Whether the 3-D Secure verification opens in a new browser window. If your setup enforces a Content Security Policy (CSP), set to true.

Default false
settings.​ui.​is_cart_open_by_defaultboolean(is_cart_open_by_default)

The display of the list of cart items and financial details in the payment UI. If true, information is displayed in an extended view. If false (default) or the parameter is not passed, information is displayed in a collapsed view.

settings.​ui.​gp_quick_payment_buttonboolean(gp_quick_payment_button)

The way the Google Pay payment method is displayed. If true, the button for quick payment via Google Pay is displayed at the top of the payment UI, regardless of the user’s device and browser. If false, Google Pay is displayed in the list of payment methods according to the PayRank algorithm. If the parameter is not passed, Google Pay is displayed at the top of the payment UI on any user’s devices and browsers, except Safari — on Safari, it is displayed in the list of payment methods.

settings.​ui.​apple_pay_quick_payment_buttonboolean(ap_quick_payment_button)

Whether to display the button for quick payment via Apple Pay at the top of the payment UI on supported devices. true by default. If false, Apple Pay is displayed in the list of payment methods according to the PayRank algorithm.

Note

On Android devices and any other devices that don’t support payment with Apple Pay, this payment method will be hidden from the list of available ones regardless of the parameter value.

settings.​ui.​is_search_field_hiddenboolean(is_search_field_hidden)

Whether to show a payment method search bar in the payment UI. If true, the search bar is hidden. false by default.

settings.​ui.​is_language_selector_hiddenboolean(is_language_selector_hidden)

Whether the language selector is hidden on the payment page. If false (by default), the selector is displayed.

settings.​ui.​alternative_first_screenstring(alternative_first_screen)

Alternative view of the payment UI screen when opened. For example, it can display prioritized payment methods.

When set to apple-pay, the user sees the Apple Pay button as the primary payment option along with a link to the list of other payment methods. This logic doesn’t apply to Android devices.

Value"apple-pay"
purchaseobject(purchase)

Object containing purchase details.

purchase.​subscriptionobject(subscription)

Subscription data.

purchase.​subscription.​plan_idstring

External ID of the subscription plan. Can be found in the Subscriptions > Subscription plans section of Publisher Account.

purchase.​subscription.​operationstring

The type of operation applied to the user’s subscription plan. To change the subscription plan, pass the change_plan value. You need to specify the new plan ID in the purchase.subscription.plan_id parameter.

purchase.​subscription.​product_idstring

Product ID.

purchase.​subscription.​currencystring

Currency of the subscription plan to use in all calculations.

purchase.​subscription.​available_plansArray of strings

Subscription plans to show in the payment UI.

purchase.​subscription.​trial_daysinteger

Trial period in days.

purchase.​is_lootboxboolean(is_lootbox)

Whether the item is a loot box.

Default false
custom_parametersobject(custom_parameters)

This object contains parameters to configure anti-fraud filters. The list of parameters is shown below. To add custom parameters, contact your Customer Success Manager or email at csm@xsolla.com.

custom_parameters.​registration_datestring

Account creation date per ISO 8601.

custom_parameters.​total_hoursinteger

Total number of in-game hours.

custom_parameters.​total_charactersinteger

Number of in-game characters.

custom_parameters.​social_networks_addedboolean

Whether the player has connected social media profiles.

custom_parameters.​profile_image_addedboolean

Whether the player has uploaded a profile image.

custom_parameters.​active_datestring

Last seen date per ISO 8601.

custom_parameters.​total_friendsinteger

Number of friends.

custom_parameters.​additional_verificationboolean

Whether the player uses account verification procedures.

custom_parameters.​win_rateinteger

Win rate.

custom_parameters.​last_change_password_datestring

Last password change date per ISO 8601.

custom_parameters.​chat_activityboolean

Whether the player uses the chat function.

custom_parameters.​forum_activityboolean

Whether the player uses the forum function.

custom_parameters.​total_bansinteger

Number of times the player was banned in the chat/forum.

custom_parameters.​profile_completedboolean

Whether the player added additional information to their profile.

custom_parameters.​notifications_enabledboolean

Whether the player enabled notifications.

custom_parameters.​user_levelinteger

Player’s level, reputation, or rank.

custom_parameters.​karma_pointsinteger

Player’s karma.

custom_parameters.​total_sumnumber(float)

Total amount of payments.

custom_parameters.​non_premium_currencynumber(float)

Amount of non-premium currency.

custom_parameters.​total_game_eventsinteger

Number of in-game events the player took part in.

custom_parameters.​total_giftsinteger

Number of in-game gifts the player has sent/received.

custom_parameters.​tutorial_completedboolean

Whether the player has completed the game’s tutorial.

custom_parameters.​completed_tasksinteger

Number of tasks/objectives completed.

custom_parameters.​items_usedboolean

Whether the player uses purchased in-game items.

custom_parameters.​pvp_activityboolean

Whether the player takes part in PvP (Player(s) versus player(s)) battles.

custom_parameters.​total_clansinteger

Number of clans the player is a member of.

custom_parameters.​unlocked_achievementsinteger

Number of achievements unlocked.

custom_parameters.​total_inventory_valuenumber(float)

Total inventory value (in-game currency).

custom_parameters.​character_customizedboolean

Whether the player has customized their character.

custom_parameters.​session_timestring

Average session time per ISO 8601.

curl -i -X POST \
  -u <username>:<password> \
  'https://api.xsolla.com/merchant/v2/merchants/{merchant_id}/token' \
  -H 'Content-Type: application/json' \
  -d '{
    "settings": {
      "currency": "USD",
      "language": "en",
      "project_id": 16184,
      "ui": {
        "size": "medium"
      }
    },
    "user": {
      "email": {
        "value": "email@example.com"
      },
      "id": {
        "value": "user_2"
      },
      "name": {
        "value": "John Smith"
      }
    }
  }'

Responses

Created.

Bodyapplication/json
tokenstring
Response
application/json
{
  "token": "eop57k1boA7nnYPtewZ6KEXJyJADEwRT"
}

Tokenization

Operations

Reports

Operations

Refund

Operations

Testing

Operations